Lucene search
K

38 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in opensc

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process when using the pkcs15-init function. To exploit these vulnerabilities, an attacker must have physical access to the computer system and use a custom-constructed USB device or sma...

6.4CVSS6.6AI score0.01174EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 3: opensc (TSSA-2023:0324)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0324 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.6CVSS6.2AI score0.01174EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-45217

Malicious code in bioql PyPI...

6.4CVSS6.3AI score0.01174EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.3 views

CBL Mariner 2.0 Security Update: opensc (CVE-2023-40661)

The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40661 advisory. - Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollme...

6.4CVSS6.4AI score0.01174EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.2 views

Azure Linux 3.0 Security Update: opensc (CVE-2023-40661)

The version of opensc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40661 advisory. - Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollme...

6.4CVSS6.4AI score0.01174EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-40661

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or...

6.4CVSS6.9AI score0.01174EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/09/11 3:14 a.m.3 views

SUSE CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

3.4CVSS8.1AI score0.0031EPSS
Exploits0References10
OSV
OSV
added 2024/09/10 2:15 p.m.21 views

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS8AI score0.0031EPSS
Exploits0References3
OSV
OSV
added 2024/09/10 2:15 p.m.3 views

DEBIAN-CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS6.8AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2024/09/10 2:15 p.m.22 views

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS0.0031EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/10 1:16 p.m.31 views

CVE-2024-8443 Libopensc: heap buffer overflow in openpgp driver when generating key

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS0.0031EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/10 1:16 p.m.25 views

CVE-2024-8443 Libopensc: heap buffer overflow in openpgp driver when generating key

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS8.4AI score0.0031EPSS
Exploits0References2
CVE
CVE
added 2024/09/10 1:16 p.m.102 views

CVE-2024-8443

CVE-2024-8443 is a heap-based buffer overflow in the libopensc OpenPGP driver. A crafted USB device or smart card that replies to APDUs during enrollment via pkcs15-init can trigger out-of-bounds access, potentially allowing arbitrary code execution. Public-affecting reports reference the OpenSC ...

2.9CVSS4.7AI score0.0031EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2024/09/10 1:16 p.m.18 views

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

2.9CVSS4.5AI score0.0031EPSS
Exploits0
OSV
OSV
added 2024/02/12 11:15 p.m.1 views

UBUNTU-CVE-2024-1454

The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...

3.4CVSS6.9AI score0.00422EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/12/21 12:0 a.m.39 views

Fedora 39 : opensc (2023-a854153d7a)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a854153d7a advisory. New upstream release 2240701 with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661 Tenable has extracted the preceding description...

6.6CVSS6.1AI score0.01174EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/12/20 12:0 a.m.27 views

AlmaLinux 8 : opensc (ALSA-2023:7876)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7876 advisory. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic...

6.6CVSS6.2AI score0.01174EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/12/19 9:58 a.m.3 views

OpenSC: multiple memory issues with pkcs15-init (enrollment tool)

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...

6.4CVSS5.8AI score0.01174EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/12/19 12:0 a.m.40 views

RHEL 8 : opensc (RHSA-2023:7876)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7876 advisory. The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic...

6.6CVSS6.5AI score0.01174EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/12/19 12:0 a.m.28 views

Oracle Linux 9 : opensc (ELSA-2023-7879)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7879 advisory. - Fix CVE-2023-40660: Potential PIN bypass - Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init - Fix CVE-2023-4535: Out-of-bounds read in MyE...

6.6CVSS6.1AI score0.01174EPSS
Exploits0References4
Rows per page
Query Builder